A recent cyber attack on the Co-op has led to significant food shortages in some of its stores, including the Heavitree branch in Exeter, where customers found many chilled items missing from shelves on Friday, May 16.
The affected stores displayed apology notices to shoppers, acknowledging the shortages and assuring efforts to restore stock levels soon. However, the timeline for full recovery remains uncertain.
Co-op announced on Wednesday that its shops and online platforms are expected to see improved stock availability starting this weekend as the company recovers from the cyber incident. Headquartered in Manchester, Co-op is actively collaborating with suppliers to replenish inventories disrupted by the attack.
READ MORE: Live Updates: M5 Delays as Weekend Getaway Traffic Builds
READ MORE: Somerset Grandma Celebrates Hen Night She Missed 70 Years Ago
In response to the breach, Co-op took immediate action by shutting down certain systems to contain the threat. The company is now restoring its online operations methodically and safely. With the stock ordering system fully back online, management anticipates that both physical stores and online services will benefit from steadier stock levels moving forward.
Payment systems—including contactless and chip-and-pin methods—have been fully reinstated across stores. A spokesperson stated, “Following a malicious third-party cyber attack, we acted promptly to limit access and protect our systems. We are now in the recovery phase, cautiously bringing systems back online.”
The Co-op is not alone in experiencing such cyber incidents recently. Other prominent retailers like Marks & Spencer and Harrods have also been targeted. Since Easter weekend, M&S has been grappling with a severe cyber-attack that compromised personal customer data and disrupted its online ordering, although physical stores remain open.
The National Crime Agency is investigating these attacks, considering possible links between them. For the Co-op, the cyber-attack severely impacted stock availability, forcing stores to focus on restocking essentials in the worst-hit areas.
Additionally, the breach exposed members’ personal information, including names and contact details. Payment functionality was affected in some locations, though most of the Co-op’s network of approximately 2,300 shops continued to accept standard payment methods.
Shirine Khoury-Haq, Chief Executive of the Co-operative Group, apologized for the disruption and described the incident as a “highly sophisticated” attack.
Beyond retail, Co-op’s operations include funeral services and insurance. The company plans to hold its annual general meeting for members in Manchester this Saturday.